
8 matches found

OSV
added 2026/06/12 11:28 p.m., 5 views

MGASA-2026-0204 Updated expat packages fix security vulnerabilities

CVE-2026-45186 the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input...

7.5 CVSS | 5.2 AI score | 0.00495 EPSS
Exploits: 1 | References: 5
OSV
added 2026/05/22 1:21 p.m., 7 views

OESA-2026-2431 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via...

7.5 CVSS | 5.7 AI score | 0.00495 EPSS
Exploits: 1 | References: 2
CNNVD
added 2025/10/27 12:0 a.m., 4 views

Frappe Learning cross-site scripting vulnerability

Frappe Learning is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning 2.39.1 and prior versions that stems from allowing HTML to be added via Job Form input fields, which could lead to a cross-site scriptin...

5.4 CVSS | 5.9 AI score | 0.0015 EPSS
Exploits: 0 | References: 3
OSV
added 2025/10/22 12:0 p.m., 2 views

SUSE-SU-2025:20868-1 Security update for expat

This update for expat fixes the following issues: - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted XML input bsc1249584...

7.5 CVSS | 6.3 AI score | 0.01238 EPSS
Exploits: 1 | References: 3
Tenable Nessus
added 2025/10/11 12:0 a.m., 1 views

SUSE SLES15 Security Update : expat (SUSE-SU-2025:03537-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03537-1 advisory. - CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations by submitting crafted...

7.5 CVSS | 6.3 AI score | 0.01238 EPSS
Exploits: 1 | References: 4
Tenable Nessus
added 2025/08/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-41881

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - SDoP versions prior to 1.11 fail to appropriately handle some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When ...

8.8 CVSS | 7.6 AI score | 0.00535 EPSS
Exploits: 0 | References: 3
SUSE CVE
added 2025/06/14 2:54 a.m., 1 views

SUSE CVE-2025-49795

A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service...

7.5 CVSS | 6.7 AI score | 0.00475 EPSS
Exploits: 0 | References: 7
Snyk
added 2025/03/03 6:47 a.m., 1 views

Arbitrary Code Injection

Overview: org.webjars:prismjs is a lightweight, robust, elegant syntax highlighting library. Affected versions of this package are vulnerable to Arbitrary Code Injection via the document.currentScript lookup process. An attacker can manipulate the web page content and execute unintended actions by...

5.4 CVSS | 7.3 AI score | 0.00271 EPSS
Exploits: 1 | References: 2